Hi Andre, I've got the same problem sometime, It can be: + vmware snapshot: if I reboot host operating system (Linux), I can get this problem. I have to take a new snapshot (WinXP) to solve the problem. + Firewall: Even I disable SELinux, but there is iptables still working. That's some points I have got since I used capture-hpc Just send your config.xml, others can have a look and share experiences Cheers, Lam.
On Thu, Jun 24, 2010 at 2:18 PM, Andre Hall <ah...@westcoast.com> wrote: > Hi Lam, > > What's the point other that if the firewall has been completely disabled? > > Van Lam Le <vanla...@gmail.com> wrote: > > Hi Andre, > It seems firewall issue. If you use fedora 10, check firewall setting > and > add port 7070 (system-config-firewall)! > Cheers, > Lam. > > On Thu, Jun 24, 2010 at 1:52 PM, Andre Hall <ah...@westcoast.com> wrote: > > > Lam > > > > Yes....the prompt shows the client path -s 192.168.10.1 -p 7070 -a > > 22048196 -b 11546362 1>c:\progra~1\capture\capture.log > > > > Van Lam Le <vanla...@gmail.com> wrote: > > > > Hi Andre, > > From your given log, the capture-client doesn't connect to > > capture-server > > (There is no line like 'ClientSetState: CONNECTED'). What are on Dos > > prompt > > on WinXP? Is there something like c:\progra~1\CaptureClient.exe -s > > capture-server_ip:port .....? > > Cheers, > > Lam. > > > > On Thu, Jun 24, 2010 at 1:19 PM, Andre Hall <ah...@westcoast.com> wrote: > > > > > Hi Lam, > > > > > > I should have mentioned that I do receive a response from the server > > when > > > I issue a ping from the client or the server. I'm also very aware of > > > broken snapshots and I make it standard protocol to create new > shapshots > > > when executing the capture server for the first time. So new a new > > > snapshot was immediately created after migrating my VM to my new > setup. > > > > > > Cheers. > > > > > > Andre > > > > > > Van Lam Le <vanla...@gmail.com> wrote: > > > > > > Hi Andre, > > > From WinXP, try to ping ip of capture-server to check whether it > > > replies > > > or not! If it does not, delete snapshots, restart WinXP, try to ping > > again > > > until you can get replies from capture-server, and then take a new > > > snapshot! > > > Cheers, > > > Lam. > > > > > > On Thu, Jun 24, 2010 at 12:57 PM, Andre Hall <ah...@westcoast.com> > > wrote: > > > > > > > Hi Lam, > > > > > > > > I run Capture server I do see the DOS prompt in my WinXP VM showing > > that > > > > client has communication with the server. > > > > In the case of firewalls - I'm suing my pre-configured XP image I > have > > > from > > > > my 3 other Capture server (no firewall enabled). I also have > > firewalling > > > > (SELinux)disabled on the host.As I stated in my earlier > message...I've > > > > doubled checked my client path in config.xml. I have 3 other Capture > > > servers > > > > running identical configurations - same VMs, file paths, etc. > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: capture-hpc-boun...@public.honeynet.org on behalf of Van Lam > Le > > > > Sent: Wed 6/23/2010 2:18 PM > > > > To: General discussion list for Capture-HPC users > > > > Subject: Re: [Capture-HPC] Capture reverts VM but no browser or > URLs. > > > > Revert in infinite loop. > > > > > > > > Hi Andre, > > > > There are two cases: > > > > + Client application path: When you run capture-server, have a > look > > on > > > > client-side. If there is no command prompt windows opened, client > > > > application cannot be executed remotely. That is client application > > path > > > > problem. Please check client application path on windows and client > > > > application path in your config.xml. > > > > + Firewall: When you run capture-server, have a look on > > client-side. > > > If > > > > there is a command prompt windows opened, client application is > > executed > > > > remotely but it cannot connect to capture-server on port 7070. > Please > > > check > > > > firewall in both sides! > > > > Cheers, > > > > Lam. > > > > > > > > On Wed, Jun 23, 2010 at 3:23 PM, Andre Hall <ah...@westcoast.com> > > wrote: > > > > > > > > > Hello all, > > > > > > > > > > It's been awhile since I've mailed the group having successfully > set > > 3 > > > > > Capture-HPCs servers. I'm currently setting up a new server with > > more > > > > > current hardware (Intel Core2Quad 2.66 GHz , 8GB memory, 1TB hard > > > drive, > > > > > Fedora 10). I've followed all of my previous installations to the > > > letter > > > > but > > > > > I'm running into the server not queueing URLs from my list. I've > > > checked > > > > the > > > > > troubleshooting guide which suggests the problem results from this > > > error > > > > > indicating that the application specified in the client-path (the > > > Capture > > > > > Client application) wasn't found or doesn't have connectivity to > the > > > > server. > > > > > All of my paths are consistent across all of my other > installations > > so > > > > that > > > > > I can keep all of my installation paths standard. Could there be > > > anything > > > > > else I have missed. I wouldn't consider myself an expert at thes > > > > > installations but I'm pretty close. Thanks in advance. > > > > > > > > > > > > > > > [r...@seeker capture-server]# > > > java -Djava.net.preferIPv4Stack-true -jar > > > > > CaptureServer.jar -s 192.168.10.1:7070 -f input_urls.txt > > > > > PROJECT: Capture-HPC > > > > > VERSION: 2.5 > > > > > DATE: Apr 25, 2008 > > > > > COPYRIGHT HOLDER: Victoria University of Wellington, NZ > > > > > AUTHORS: > > > > > Christian Seifert (christian.seif...@gmail.com) > > > > > Ramon Steenson(ramon.steen...@gmail.com) > > > > > > > > > > Capture-HPC is free software; you can redistribute it and/or > modify > > > > > it under the terms of the GNU General Public License, V2 as > > published > > > by > > > > > the Free Software Foundation. > > > > > > > > > > Capture-HPC is distributed in the hope that it will be useful, > > > > > but WITHOUT ANY WARRANTY; without even the implied warranty of > > > > > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > > > > > GNU General Public License for more details. > > > > > > > > > > You should have received a copy of the GNU General Public License > > > > > along with Capture-HPC; if not, write to the Free Software > > > > > Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA > > > 02110-1301,USA > > > > > > > > > > > > > > > Option added: server-listen-port => 7070 > > > > > Option added: server-listen-address => 192.168.10.1 > > > > > Option added: input_urls => input_urls.txt > > > > > CaptureServer: Listening for connections > > > > > Validating config.xml ... > > > > > config.xml successfully validated > > > > > Option added: capture-network-packets-benign => false > > > > > Option added: capture-network-packets-malicious => false > > > > > Option added: client-default => iexplore > > > > > Option added: client-default-visit-time => 30 > > > > > Option added: client_inactivity_timeout => 60 > > > > > Option added: collect-modified-files => true > > > > > Option added: different_vm_revert_delay => 24 > > > > > Option added: group_size => 1 > > > > > Option added: revert_timeout => 120 > > > > > Option added: same_vm_revert_delay => 6 > > > > > Option added: send-exclusion-lists => false > > > > > Option added: terminate => true > > > > > Option added: vm_stalled_after_revert_timeout => 120 > > > > > Option added: vm_stalled_during_operation_timeout => 300 > > > > > ExclusionList: file - FileMonitor.exl: File not found > > > > > ExclusionList: process - ProcessMonitor.exl: File not found > > > > > ExclusionList: registry - RegistryMonitor.exl: File not found > > > > > [192.168.10.1:902] VM added > > > > > [Jun 22, 2010 6:51:21 PM-192.168.10.1:902-11546362] VMSetState: > > > > > WAITING_TO_BE_REVERTED > > > > > PARSING PREPROCESSOR > > > > > n is null > > > > > Waiting for input URLs... > > > > > [Jun 22, 2010 6:51:24 PM-192.168.10.1:902-11546362] VMSetState: > > > REVERTING > > > > > [Jun 22, 2010 6:51:30 PM-192.168.10.1:902-11546362] VMSetState: > > > RUNNING > > > > > Reverting different VM...waiting considerably > > > > > [Jun 22, 2010 6:51:54 PM-192.168.10.1:902-11546362] Finished > > > processing > > > > VM > > > > > item: revert > > > > > Waiting for input URLs... > > > > > [Jun 22, 2010 6:52:30 PM-192.168.10.1:902-11546362] Client > > inactivity, > > > > > reverting VM > > > > > [Jun 22, 2010 6:52:30 PM-192.168.10.1:902-11546362] VMSetState: > > > > > WAITING_TO_BE_REVERTED > > > > > [Jun 22, 2010 6:52:31 PM-192.168.10.1:902-11546362] VMSetState: > > > REVERTING > > > > > [Jun 22, 2010 6:52:37 PM-192.168.10.1:902-11546362] VMSetState: > > > RUNNING > > > > > Reverting same VM...just waiting a bit > > > > > [Jun 22, 2010 6:52:43 PM-192.168.10.1:902-11546362] Finished > > > processing > > > > VM > > > > > item: revert[Jun 22, 2010 6:56:22 PM-192.168.10.1:902-11546362] > > > > VMSetState: > > > > > REVERTING > > > > > [Jun 22, 2010 6:56:27 PM-192.168.10.1:902-11546362] VMSetState: > > > RUNNING > > > > > Reverting different VM...waiting considerably > > > > > [Jun 22, 2010 6:56:51 PM-192.168.10.1:902-11546362] Finished > > > processing > > > > VM > > > > > item: revert > > > > > Waiting for input URLs... > > > > > [Jun 22, 2010 6:57:28 PM-192.168.10.1:902-11546362] Client > > inactivity, > > > > > reverting VM > > > > > [Jun 22, 2010 6:57:28 PM-192.168.10.1:902-11546362] VMSetState: > > > > > WAITING_TO_BE_REVERTED > > > > > [Jun 22, 2010 6:57:29 PM-192.168.10.1:902-11546362] VMSetState: > > > REVERTING > > > > > [Jun 22, 2010 6:57:35 PM-192.168.10.1:902-11546362] VMSetState: > > > RUNNING > > > > > Reverting same VM...just waiting a bit > > > > > [Jun 22, 2010 6:57:41 PM-192.168.10.1:902-11546362] Finished > > > processing > > > > VM > > > > > item: revert > > > > > > > > > > > > > > > This e-mail and any files transmitted with it are confidential and > > > > > intended solely for the use of the individual or entity to whom > they > > > > > are addressed. If you have received this email in error please > > notify > > > > > the sender by replying to this e-mail. > > > > > > > > > > Replies to this email may be monitored by the Haymarket Group > > > > > for operational or business reasons. > > > > > > > > > > Whilst every endeavour is taken to ensure that e-mails are free > from > > > > > viruses, no liability can be accepted and the recipient is > requested > > > > > to use their own virus checking software. > > > > > > > > > > www.haymarket.com > > > > > > > > > > Haymarket Media Group Limited > > > > > Registered in England no. 267189 > > > > > Registered Office: 174 Hammersmith Road, London W6 7JP > > > > > > > > > > --ES > > > > > > > > > > _______________________________________________ > > > > > Capture-HPC mailing list > > > > > Capture-HPC@public.honeynet.org > > > > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > > > > > > > > > > > > > > > > > -- > > > > Van Lam Le > > > > PhD Student - Room CO335 > > > > School of Engineering and Computer Science > > > > Victoria University > > > > PO Box 600 > > > > Wellington 6140 > > > > New Zealand > > > > Email: van.lam...@ecs.vuw.ac.nz > > > > Phone: +64 4 463 5233 (ext 8286) > > > > > > > > > > > > _______________________________________________ > > > > Capture-HPC mailing list > > > > Capture-HPC@public.honeynet.org > > > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > > > > > > > > > > > > -- > > > Van Lam Le > > > PhD Student - Room CO335 > > > School of Engineering and Computer Science > > > Victoria University > > > PO Box 600 > > > Wellington 6140 > > > New Zealand > > > Email: van.lam...@ecs.vuw.ac.nz > > > Phone: +64 4 463 5233 (ext 8286) > > > > > > _______________________________________________ > > > Capture-HPC mailing list > > > Capture-HPC@public.honeynet.org > > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > > > > > > -- > > Van Lam Le > > PhD Student - Room CO335 > > School of Engineering and Computer Science > > Victoria University > > PO Box 600 > > Wellington 6140 > > New Zealand > > Email: van.lam...@ecs.vuw.ac.nz > > Phone: +64 4 463 5233 (ext 8286) > > > > _______________________________________________ > > Capture-HPC mailing list > > Capture-HPC@public.honeynet.org > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > -- > Van Lam Le > PhD Student - Room CO335 > School of Engineering and Computer Science > Victoria University > PO Box 600 > Wellington 6140 > New Zealand > Email: van.lam...@ecs.vuw.ac.nz > Phone: +64 4 463 5233 (ext 8286) > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > -- Van Lam Le PhD Student - Room CO335 School of Engineering and Computer Science Victoria University PO Box 600 Wellington 6140 New Zealand Email: van.lam...@ecs.vuw.ac.nz Phone: +64 4 463 5233 (ext 8286)
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
